To view this content in our official product documentation, click here.
Introduction
Basic authentication is the simplest (though not the strongest) method for authenticating API requests.
With basic authentication, a username and password are sent in the HTTP header of each API request, to authenticate a client application (in this case, Patchworks) and grant access to the associated resource.
Be aware that **username** and **password** are just labels for two pieces of information that must be provided in the header to authenticate API requests with basic authentication.
Some third-party applications WILL look for a username and password but others may require something else - for example, application id and API key. This is fine - it’s still basic authentication - we just need to configure basic authentication variables to use different display labels.
How it works
Here's how basic authentication works:
- The client-server (i.e. Patchworks) sends an API request to the required third-party application server (e.g. Shopify). The request includes username and password authentication credentials in the HTTP header of the request, encoded in Base64 format.
- Upon receipt of the request, the third-party application server extracts authentication credentials from the header. It then validates these credentials by comparing them with the stored user credentials in its own system/database.
- If the credentials provided are valid, the third-party application server grants access to the requested resource. If the credentials are invalid or missing, the third-party application server denies access and returns an appropriate error response.
User experience of basic authentication
When a Patchworks user adds an instance of a connector and chooses to authenticate with basic authentication, they will see something similar to the example below:

Basic authentication examples
It can be useful to compare how existing connectors have been configured for token-based authentication. The Patchworks marketplace includes many connectors that are configured to use this authentication type - a few examples are linked below:
You can install any of these for comparison.
Comments
0 comments
Please sign in to leave a comment.